Certified Information Security Manager

CISM ( Certified Information Security Manager ) is an IT security - certification . Experienced managers and specialists are to be given the opportunity to prove their qualifications with regard to planning, implementation, control and monitoring of IT security concepts.

areas of expertise

The CISM exam determines the core competencies of an information security manager and defines internationally valid standards that IT security experts must take into account.

In the CISM exam, the specialist knowledge of the following subject areas is queried and assessed:

• Information security governance
• Risk Management (Risk Management)
• Information Security Program Management
• Information Security Management
• Response Management

target group

The exam is aimed at IT security experts who have acquired in-depth professional experience through extensive activities in the field of corporate information security .

requirements

In order to obtain certification, binding evidence of at least five years of professional experience in the area of ​​information security must be provided. Evidence of at least three years of activity in at least three of the subjects listed above must be provided during these five years.

In addition, the following certifications from the area of ​​information security are regarded as sufficient professional experience in the area of ​​information security:

• Two years as a Certified Information Systems Auditor (CISA)
• Certified Information Systems Security Professional (CISSP)
• Academic degree in information security or a related field (e.g. business administration , information systems , information security)

Web links

• Detailed information on the CISM Exam (English)
• Information from the German chapter of ISACA
• Information from the Swiss Chapter of ISACA